Background information

Alibaba Cloud WAF informs you about security events and system events through emails. You can configure the alarm triggering condition and alarm time interval.

Procedure

  1. Log on to the Alibaba Cloud WAF console.
  2. On the top of the page, select the region: Mainland China or International.
  3. On the Setting > Alarm Settings page, complete the following configuration.
    Configuration Description
    Triggered by Specify which security or system event can trigger an alarm.
    Note The default alarm cannot be disabled or configured.
    • Event Alarms
      • Blackhole Routing Status Due to DDoS Events (default)
      • Blackhole Routing Status Ends (default)
      • HTTP Flood Attack
        You must specify the conditions that trigger the alarm.
        • QPS exceeds a predefined maximum value (1 to 10,000,000) and increases by a predefined maximum rate (0% to 1,000%).
        • 4xx requests exceed a predefined maximum QPS (1 to 10,000,000) and occupy a predefined maximum proportion (0% to 1,000%).
        • 5xx requests exceed a predefined maximum QPS (1 to 10,000,000) and occupy a predefined maximum proportion (0% to 1,000%).
      • Massive Web Scan Events

        You must specify the maximum frequency per 5 minutes.

    • System Alarms: Expiration Alarm (default)


    Alarm Time Interval Repeat alarms for xx (0 to 10) times per xx (0 to 24 hours).

  4. Click Save Settings.